ThreatExpert's Statistics for W32/Virut-X [Sophos]:

W32/Virut-X [Sophos] is also known as:

Threat Alias	Number of Incidents
W32.Virut.W [Symantec]	64
PE_VIRUT.JN [Trend Micro]	49
W32/Virut.gen.a [McAfee]	45
Virus.Win32.Virut.as [Kaspersky Lab]	42
Win32.Virut.Gen.4 [PC Tools]	42
Win32/Virut.B [AhnLab]	33
PE_VIRUT.CEL [Trend Micro]	26
Virus.Win32.Virut.be [Kaspersky Lab]	26
W32/Virut.j [McAfee]	24
Backdoor:Win32/Rbot [Microsoft]	22
Virus:Win32/Virut.AB [Microsoft]	22
Worm.SdBot.GAP [PC Tools]	22
Virus:Win32/Virut.BA [Microsoft]	15
Virus.Win32.Sality [Ikarus]	11
Virus:Win32/Virut.gen!AI [Microsoft]	10
W32.SillyFDC [Symantec]	5
Win32/Virut.Gen [AhnLab]	5
Backdoor.Win32.PoeBot.C [Ikarus]	3
W32.IRCBot [Symantec]	2
W32.Spybot.Worm [Symantec]	2
Win32.Virtob.BV [Ikarus]	2
Backdoor.Win32.Frauder.fb [Ikarus]	1
Backdoor.Win32.Nepoe.em [Kaspersky Lab]	1
Backdoor.Win32.VanBot [Ikarus]	1
Backdoor.Win32.VanBot.wv [Kaspersky Lab]	1
Backdoor:Win32/Poebot.AT [Microsoft]	1
Backdoor:Win32/Poebot.BG [Microsoft]	1
Backdoor:Win32/Poebot.BP [Microsoft]	1
BehavesLikeWin32.FileInfector [Ikarus]	1
BehavesLikeWin32.ProcessHijack [Ikarus]	1
Downloader-ASH.gen.b [McAfee]	1
Hider [McAfee]	1
Net-Worm.Win32.Kolabc.bsa [Kaspersky Lab]	1
Net-Worm.Win32.Padobot.M [Ikarus]	1
Net-Worm.Win32.Padobot.m [Kaspersky Lab]	1
Packer.RLPack [Ikarus]	1
PWS:Win32/Frethog.D [Microsoft]	1
PWS-Gamania.gen.a [McAfee]	1
Spam-Mailbot [McAfee]	1
Trojan.Crypt.NSPM [Ikarus]	1
Trojan.Hider.G [PC Tools]	1
Trojan.PWS.OnlineGames.LDZ [PC Tools]	1
Trojan.Sramler.I [PC Tools]	1
Trojan.VB.EPP [PC Tools]	1
Trojan-Dropper.Win32.Sramler.e [Kaspersky Lab]	1
Trojan-Proxy.Win32.Slaper.n [Ikarus]	1
Virus.W32.Sality [Ikarus]	1
Virus.Win32.AutoRun.jq [Ikarus]	1
Virus.Win32.Folcom.b [Kaspersky Lab]	1
Virus.Win32.Sality.s [Ikarus]	1
Virus.Win32.Virut [Ikarus]	1
Virus.Win32.Virut.n [Kaspersky Lab]	1
W32.IRCBot.Gen [Symantec]	1
W32.Korgo.S [Symantec]	1
W32/Autorun.worm.f [McAfee]	1
Worm.AutoIt.S [PC Tools]	1
Worm.Korgo.U [PC Tools]	1
Worm.Padobot.D [PC Tools]	1
Worm.Poebot.EN [PC Tools]	1
Worm.PoeBot.KS [PC Tools]	1
Worm.PoeBot.NR [PC Tools]	1
Worm.Win32.Korgo.N [Ikarus]	1
Worm:Win32/Korgo.S [Microsoft]	1
Worm:Win32/Korgo.V [Microsoft]	1

W32/Virut-X [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	China	2
	Taiwan	2
	Sweden	1
	United Kingdom	1

W32/Virut-X [Sophos] is known to be created as:

%FontsDir%\fonts.exe

%FontsDir%\tskmgr.exe

%ProgramFiles%\explorer.exe

%System%\1025.exe

%System%\1028.exe

%System%\1031.exe

%System%\1033.exe

%System%\1037.exe

%System%\1041.exe

%System%\1042.exe

%System%\1054.exe

%System%\2052.exe

%System%\3076.exe

%System%\3com_dmi.exe

%System%\algs.exe

%System%\amvo.exe

%System%\autochl.exe

%System%\blastclnnn.exe

%System%\catroot.exe

%System%\catroot2.exe

%System%\com.exe

%System%\com\lsass.exe

%System%\config.exe

%System%\csrs.exe

%System%\dhcp.exe

%System%\directx.exe

%System%\dllcache\default.exe

%System%\dllcache\global.exe

%System%\dllcache\log.exe

%System%\dllcache\svchost.exe

%System%\drivers.exe

%System%\drivers\drivers.cab.exe

%System%\export.exe

%System%\firewall.exe

%System%\fzluh.exe

%System%\ias.exe

%System%\icsxml.exe

%System%\iexplore.exe

%System%\ime.exe

%System%\inetsrv.exe

%System%\isass.exe

%System%\kamsoft.exe

%System%\lap.exe

%System%\lphc35dj0erc1.exe

%System%\macromed.exe

%System%\microsoft.exe

%System%\msdtc.exe

%System%\mui.exe

%System%\npp.exe

%System%\ntmsdata.exe

%System%\oobe.exe

%System%\ras.exe

%System%\regedit.exe

%System%\reinstallbackups.exe

%System%\restore.exe

%System%\scvhosts.exe

%System%\setup.exe

%System%\shellext.exe

%System%\spooisv.exe

%System%\spool.exe

%System%\sserver.exe

%System%\system.exe

%System%\upds.exe

%System%\usmt.exe

%System%\wbem.exe

%System%\winamp.exe

%System%\winiogon.exe

%System%\wins.exe

%System%\xircom.exe

%System%\zurpsc.exe

%Temp%\glb1a2b.exe

%Windir%\hinhem.scr

%Windir%\pchealth\global.exe

%Windir%\pchealth\helpctr\binaries\helphost.com

%Windir%\scvhosts.exe

%Windir%\system\keyboard.exe

%Windir%\temp\newdev.exe

%Windir%\userinit.exe

c:\autoexec.exe

c:\fun.xls.exe

c:\inetpub.exe

c:\ms-dos.com

c:\windows.exe

Notes:

%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.